8dd47e7910677947e72a79d0bc61a4e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8dd47e7910677947e72a79d0bc61a4e3
Size

16KB
MD5

8dd47e7910677947e72a79d0bc61a4e3
SHA1

587cb518a4b31ba0258a2b4c7f2793808bcd5e52
SHA256

7f90e45d37a98904bcb01a45c59cbdf09dfa15aa33bd8182f0fa9964665abffd
SHA512

9b85e36b8ccda7e0c2eb6610fd24b405a4cd5c37cf9385f636c29aef14bc9d0250c31413bd8b3dc51313a46c5635768e571ec3d5d141980744624b7d8bad8363
SSDEEP

96:84bDzjiw1lZd+Uitkitatboyn+8fP/MFaS:Lzjv1xfJ1oyn+8fP/MFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dd47e7910677947e72a79d0bc61a4e3

Files

8dd47e7910677947e72a79d0bc61a4e3
.exe windows:4 windows x86 arch:x86

526460dafb85b7be8abbf5e88b01f646

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord860
ord540
ord5683
ord858
ord800
ord4129
ord6663
ord4202

msvcrt

__set_app_type
__p__fmode
_except_handler3
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
__p__commode
_adjust_fdiv
_exit

kernel32

GetProcAddress
GetLocalTime
GetModuleFileNameA
GetVersionExA
WinExec
GetCurrentProcessId
GetStartupInfoA
GetModuleHandleA
lstrlenA
LoadLibraryA
FreeLibrary
FindFirstFileA
CreateMutexA
GetLastError

user32

EndPaint
RegisterClassA
LoadCursorA
LoadIconA
wsprintfA
PostQuitMessage
CreateWindowExA
BeginPaint
DefWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

TextOutA
GetStockObject

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE